Free and Open Source Software

cross-posted from: https://feddit.org/post/23909345

I received this newsletter from the Free Software Foundation Europe some days ago:

On 18 November, French President Emmanuel Macron, German Chancellor Friedrich Merz, and the digital ministers from 24 EU Member States met in Berlin for the Summit on European Digital Sovereignty. The Free Software Foundation Europe (FSFE) was also invited.

As I entered the conference hall that morning, one question came to mind: Would Europe’s political debate, here today, finally recognise that we need technology we can control and shape? Would this be the moment for Free Software?

Unfortunately, it turned out differently. In the speeches that followed, Free Software was mentioned for the first time only after two and a half hours. Most proposed solutions went no further than a “buy European” approach to software procurement. A modest consolation: Chancellor Merz at least mentioned the Federal Government’s Free Software projects in his closing remarks. It is certainly noteworthy that many decision-makers now understand the risks of our digital dependency and are aware of its far-reaching implications. But even by the end of 2025, one crucial insight has still not taken hold among digital policymakers: Only Free Software can end these dependencies and enable digital sovereignty in Europe.

The FSFE’s answer to this dangerous dependency in our public administrations is clear: “Public Money? Public Code!” When public money is spent on software, it must always be Free Software. Throughout the year, the FSFE has worked to advance this principle across Europe.

 • In key consultations, for example on EU procurement reform and the next multi-year EU budget, we called for the introduction of a strategic Free Software requirement in public tenders and for secure long-term funding for Free Software.

 • We monitored progress towards “Public Money? Public Code” in European member states, for instance in Denmark and Germany, where we openly criticised problematic developments under the newly elected Federal Government, and urged that the Germany Stack be developed entirely as Free Software.

 • At local level, progress was visible too, including the adoption of a motion in favour of “Public Money? Public Code!” by the Municipal Assembly of Lisbon.

 • We addressed Openwashing at conferences and in discussions with public administrations, and presented strategies to counter it.

Two moments from this year stand out particularly for me. In April, at our FSFE expert conference “Public Money? Public Code! in Practice”, 60 people from local administrations, academia, and politics came together to share how public administrations are already taking action and advancing the use of Free Software. That discussion made visible how many committed people across the public sector are working towards the goal of “Public Money? Public Code!” — and how much clearer political backing could strengthen and accelerate their efforts.

At the invitation of our Danish FSFE team, I travelled to Copenhagen in June to discuss digital sovereignty at a public panel. Against the backdrop of US claims on Greenland, it was more palpable in the Danish capital than in Germany and some other European countries that our digital dependency is increasingly risky, and that Free Software is essential for our public administrations if we are to overcome it. What I also felt in Denmark was that more and more people understand this connection and see the importance of standing up for “Public Money? Public Code!”.

100% Free Software for European public administrations is an ambitious goal — one we will not achieve tomorrow, nor in two years’ time. But you can be sure: The FSFE will continue to work persistently towards this objective, with determination and a long-term perspective.

In 2026, a key focus of our work will be the EU procurement reform, to make the strategic procurement of Free Software the norm. With the Germany Stack and comparable projects across Europe, we will argue even more clearly for digital sovereignty through Free Software and for cross-border collaboration. We will take our expert conference “Public Money? Public Code! in Practice” to other European countries. And we will remain vigilant, clearly calling out issues such as Openwashing and the misleading claim that “buy European” alone delivers digital sovereignty.

To continue this work, we now need your long-term support:

Become an FSFE supporter now and contribute to advancing “Public Money? Public Code!” across Europe.

Best regards,

 Johannes Näder
 FSFE Senior Policy Project Manager

Website: https://yazi-rs.github.io/

Changelog: https://github.com/sxyazi/yazi/blob/main/CHANGELOG.md#v251229

They have lot of stuff:

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Fixed for any bug fixes.
• Improved for performance improvements.

I just list the first 10 added stuff:

[v25.12.29]

Added

• Remote file management ([#3396])
• Virtual file system ([#3034], [#3035], [#3094], [#3108], [#3187], [#3203])
• Shell formatting ([#3232])
• Multi-entry support for plugin system ([#3154])
• Zoom in or out of the preview image ([#2864])
• Improve the UX of the pick and input components ([#2906], [#2935])
• Show progress of each task in task manager ([#3121], [#3131], [#3134])
• New fs.copy() and fs.rename() APIs ([#3467])
• New experimental ya.async() API ([#3422])
• New overall option to set the overall background color ([#3317])
• ... and more!

I wanted some recommendations on the best FOSS GUI Markdown editors. My current one is MarkText, so any good equivalent alternatives to it ?

Thanks in advance👌

The announcement reply in the (from original developers rejected) Feature Request issue: https://github.com/FreeTubeApp/FreeTube/issues/4447#issuecomment-3697918113

And the repository: https://github.com/D3SOX/FreeTube

And for Arch users in the AUR: https://aur.archlinux.org/packages/freetube-git-d3sox

There is a new fork of FreeTube that implements a (at least by me) long wished feature: Save video playback speed setting for each channel separately. He plans to do a Flatpak version maybe and its already in the AUR.

I personally have trust issues to run unknown forks and rely on them, for security and other reasons. So for now I won't use it unfortunately. But maybe someone else is interested.

I am actually looking forward to hearing from the people here. Yeah Low-effort I know.

But I think this is an important topic to discuss, considering how much of the FOSS community is kept afloat by unpaid & volunteer-labour.

I am especially looking forward to any discussions of possible solutions

TL;DR: The big tech AI company LLMs have gobbled up all of our data, but the damage they have done to open source and free culture communities are particularly insidious. By taking advantage of those who share freely, they destroy the bargain that made free software spread like wildfire.

Some of these machines literally took 5 minutes to get from boot to watching a YouTube video, and now they can do so in a fraction of that time.

I'm super-interested in helping people reduce e-waste in my community now, and am wondering about how to go about advertising my willingness to help strangers restore their old/slow/Win11-ineligible machines. I wish I got over the fear of OS-wiping years ago!

I was fed up with having to keep things like npm, NodeJS and git up to date manually; so I created a little script that keeps things up to date automatically (configurable on a per-app basis) via WinGet.

I know there are already things out there… but they looked like a pain to install, and this is simple enough that I actually understand what it’s doing XD

https://github.com/ELowry/WinGet-Updater

Hello Lemmy,

With this release, bluetuith now works on MacOS. MacOS specific instructions are here: https://bluetuith-org.github.io/bluetuith/Installation/MacOS.html.

(TL;DR Install and run Haraltd and then run Bluetuith)

Bluetuith is a TUI based bluetooth manager, that aims to be an alternative to most bluetooth managers, and can perform bluetooth based operations like:

• Connection to and general management of bluetooth devices, with device information like battery percentage, RSSI etc. displayed, if the information is available. More detailed information about a device can be viewed by selecting the 'Info' option in the menu or by clicking the 'i' key.

• Bluetooth adapter management, with toggleable power, discoverability, pairablilty and scanning modes.

• Transfer and receive files via the OBEX protocol, with an interactive file picker to choose and select multiple files.

• Handle both PANU and DUN based networking for each bluetooth device (Linux only)

• Control media playback on the currently connected device, with a media player popup that displays playback information and controls. (Linux only)

I hope you enjoy this release, and any feedback is appreciated.

TL;DR: Mozilla’s translation bot on Support Mozilla (that is currently overwriting user contributions is based on the closed source, copyright infringing LLM, Google Gemini. This is in spite of Mozilla claiming that they are at the forefront of open source AI, and belies their exhortations to choose to build open source AI and data sets. Although Mozilla has experience in attracting open contributions for data sets in projects like Common Voice, Mozilla is using a closed data set to overwrite open contributions. Since (paid) Gemini queries do not train the model, Mozillians can expect to correct errors every time the bot automatically updates an article.

cross-posted from: https://lemmy.today/post/42851505

Slightly more detail in this GitHub issue, however much is still unknown, even after three or so days. The dev hasn't revealed any further details. Some articles on this incident:

• https://www.bleepingcomputer.com/news/security/smarttube-youtube-app-for-android-tv-breached-to-push-malicious-update/
• https://www.aftvnews.com/smarttubes-official-apk-was-compromised-with-malware-what-you-should-do-if-you-use-it/

Note that the articles provide little detail on what's happened, mostly just detail that a malicious library was found and Play Protect started removing the app if affected. It's unclear which versions are specifically affected, how the dev got breached, and what the malware actually does. According to a user (who may or may not be using some sort of LLM, their comment sounds like one at least) in a separate, related issue, the malware may collect device info and send to a command & control server. It could (in theory) receive new instructions at any point if it's a C2 server. Again, it does appear that they had an LLM of some sort generate their comment, so take it with a grain of salt.

I'm going to uninstall the app and revoke access on my Google account page. I see little reason to need to reset my password as of right now, since the app uses an API key and not my actual password. In my opinion, it's possibly related to YT viewbotting and commenting, or to add your device to a botnet. It's unclear to me how this botnet would work in practice, since even Android TV sandboxes apps (for the most part).

Update: it appears that this may be related to the Vo1d botnet: DrWeb: Android.Vo1d.14.origin. If this is indeed the case, then the goal was to add devices to the botnet. It's my understanding that previous versions of this botnet typically required cheap, pre-rooted Android TV boxes, in order to install other apps. I'm not sure if that means that you're safe if your device is not rooted. It might be worth checking your installed apps for oddities.

TL;DR: Mozilla is killing localization on Support Mozilla, overwriting articles written by humans with machine generated translations. Although Mozilla knows that their AI doesn’t localize or adhere to style guides, Mozilla is going live with it anyway. I thank locale leaders and localizers for their tireless efforts. Locale leaders seem to be obviated by AI, and Mozilla has nothing to say about it.

The shitty/distracting web run on ads, so why not making a search engine which index based on that? You would have an experience similar to what was the internet originally: no corporate shit, no infinite scroll, just independent websites made to share real informations and real knowledge, and would still leave space for subscriptions or donations! And you could still use JS and avoid just using a text browser, making the occasional order from a website or navigating the fediverse!

Not an ADblock, the issue isn't ads, the issue is how the web is TAILORED towards ads, and how that makes shitty web.

Is there any tool which does that? The goal would be blocking/avoid indexing all websites connected somehow to ads, is this even something possible? I know it would block 90% of the web, but if that 10% is freedom, I want that freedom!

I had this idea recently: if people are willing to pay a small fee monthly for streaming services or Photoshop, surely some would also be willing to pay a similar amount for the FOSS they use. Even a few cents monthly would add up to quite a substantial sum over a vast userbase*. In light of this, I've started working on an app that records your app usage, and then at the end of the month splits whatever sum of money you want to donate amongst the apps in proportion to the time you spent using them.

Then it will (hopefully) let you donate to all of those projects with a single click.

Since it's only halfway finished, I'm posting this to gague how much interest there would be in such an app. Could you could see yourself using something like this? Do you have any ideas for what I should add/change?

*(It also occurred to me that perhaps one way to fix surveillance capitalism on the internet would be if every HTTP get request came with a microtransaction (eg 0.01¢) attached; those without money would gain those 0.01¢ by seeing ads, like today)

cross-posted from: https://lemmy.world/post/38929150

Overview here

https://forum.syncthing.net/t/does-anyone-know-why-syncthing-fork-is-no-longer-available-on-github/25661/39

The new owner of the repo has a fresh github account and apparently has the signing keys from Catfriend1 too.

Time will tell if they are trustworthy, but for the extra paranoid it might make sense to pause updates for a while.

The new repo has two releases in it now. GitHub is silently redirecting to the new repo, even in Obtainium, meaning it's possible that if you had this previously installed via Obtainium and updated now, you may have apks installed that may or may not contain the changes in the repo.

This is a mess. I deleted the repo from Obtainium (luckily I don't auto install updates) and will wait to see what happens over the next few months. Might just save my notes in a network share instead of using syncthing from my phone. Idk, notes are all that I was using it for.

I've noticed something new on my Debian Linux VPS. When I run "ss" or "netstat" with the appropriate parameters I find that there are a lot of IPv6 connections in the SYN-RECV state. This is something new.

The connections seem to all be to port 443 (my apache https port). They all seem to be IPv6 mapped IPv4 source addresses. If you geo lookup the IPv4 address, they map to Brazil. This has persisted over weeks maybe longer, and the IPs do shift over time especially the first and second components, the third seems to be in the 220-223 range, the fourth seems to be random, and the port seems random. The ones I've seen are all Brazil. It does not seem to be DDOS related as it causes no other issues I can see, and I see no evidence of intrusion. Just don't like this new thing. Feels like some sort of scanning.

So any ideas of what this is, or what to do about it?

cross-posted from: https://discuss.tchncs.de/post/48228755